def token_create_scoped(request, tenant, token): ''' Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant. ''' if hasattr(request, '_keystone'): del request._keystone c = keystoneclient(request, tenant_id=tenant, token_id=token, endpoint=_get_endpoint_url(request, 'internalURL')) raw_token = c.tokens.authenticate(tenant_id=tenant, token=token, return_raw=True) c.service_catalog = service_catalog.ServiceCatalog(raw_token) if request.user.is_admin(): c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='adminURL') else: endpoint_type = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE', 'internalURL') c.management_url = c.service_catalog.url_for( service_type='identity', endpoint_type=endpoint_type) scoped_token = tokens.Token(tokens.TokenManager, raw_token) return scoped_token
def token_create_scoped(request, tenant, token): ''' Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant. ''' if hasattr(request, '_keystone'): del request._keystone c = keystoneclient(request, tenant_id=tenant, token_id=token, endpoint=settings.OPENSTACK_KEYSTONE_URL) raw_token = c.tokens.authenticate(tenant=tenant, token=token, return_raw=True) c.service_catalog = service_catalog.ServiceCatalog(raw_token) if request.user.is_admin(): c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='adminURL') else: c.management_url = c.service_catalog.url_for(service_type='identity', endpoint_type='publicURL') scoped_token = tokens.Token(tokens.TokenManager, raw_token) return Token(scoped_token)
def scoped_token_create(token_id, tenant_id): """ Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant. """ c = _keystoneclient(tenant_id=tenant_id, token_id=token_id) raw_token = c.tokens.authenticate(tenant_id=tenant_id, token=token_id, return_raw=True) # LOG.debug('got raw_token: %s' % raw_token) # FIXME need to modify c3 ? # c.service_catalog = service_catalog.ServiceCatalog(raw_token) # if request.ouser.is_admin(): # c.management_url = c.service_catalog.url_for(service_type='identity', # endpoint_type='adminURL') # else: # c.management_url = c.service_catalog.url_for(service_type='identity', # endpoint_type='publicURL') scoped_token = tokens.Token(tokens.TokenManager, raw_token) return scoped_token
def data(TEST): TEST.service_catalog = SERVICE_CATALOG TEST.tokens = TestDataContainer() TEST.domains = TestDataContainer() TEST.users = TestDataContainer() TEST.groups = TestDataContainer() TEST.tenants = TestDataContainer() TEST.roles = TestDataContainer() TEST.ec2 = TestDataContainer() admin_role_dict = {'id': '1', 'name': 'admin'} admin_role = roles.Role(roles.RoleManager, admin_role_dict) member_role_dict = {'id': "2", 'name': settings.OPENSTACK_KEYSTONE_DEFAULT_ROLE} member_role = roles.Role(roles.RoleManager, member_role_dict) TEST.roles.add(admin_role, member_role) TEST.roles.admin = admin_role TEST.roles.member = member_role domain_dict = {'id': "1", 'name': 'test_domain', 'description': "a test domain.", 'enabled': True} domain_dict_2 = {'id': "2", 'name': 'disabled_domain', 'description': "a disabled test domain.", 'enabled': False} domain = domains.Domain(domains.DomainManager, domain_dict) disabled_domain = domains.Domain(domains.DomainManager, domain_dict_2) TEST.domains.add(domain, disabled_domain) TEST.domain = domain # Your "current" domain user_dict = {'id': "1", 'name': 'test_user', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'project_id': '1', 'enabled': True, 'domain_id': "1"} user = users.User(users.UserManager(None), user_dict) user_dict = {'id': "2", 'name': 'user_two', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'project_id': '1', 'enabled': True, 'domain_id': "1"} user2 = users.User(users.UserManager(None), user_dict) user_dict = {'id': "3", 'name': 'user_three', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'project_id': '1', 'enabled': True, 'domain_id': "1"} user3 = users.User(users.UserManager(None), user_dict) user_dict = {'id': "4", 'name': 'user_four', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'project_id': '2', 'enabled': True, 'domain_id': "2"} user4 = users.User(users.UserManager(None), user_dict) TEST.users.add(user, user2, user3, user4) TEST.user = user # Your "current" user TEST.user.service_catalog = SERVICE_CATALOG group_dict = {'id': "1", 'name': 'group_one', 'description': 'group one description', 'domain_id': '1'} group = groups.Group(groups.GroupManager(None), group_dict) group_dict = {'id': "2", 'name': 'group_two', 'description': 'group two description', 'domain_id': '1'} group2 = groups.Group(groups.GroupManager(None), group_dict) group_dict = {'id': "3", 'name': 'group_three', 'description': 'group three description', 'domain_id': '2'} group3 = groups.Group(groups.GroupManager(None), group_dict) TEST.groups.add(group, group2, group3) tenant_dict = {'id': "1", 'name': 'test_tenant', 'description': "a test tenant.", 'enabled': True, 'domain_id': '1'} tenant_dict_2 = {'id': "2", 'name': 'disabled_tenant', 'description': "a disabled test tenant.", 'enabled': False, 'domain_id': '2'} tenant_dict_3 = {'id': "3", 'name': u'\u4e91\u89c4\u5219', 'description': "an unicode-named tenant.", 'enabled': True, 'domain_id': '2'} tenant = tenants.Tenant(tenants.TenantManager, tenant_dict) disabled_tenant = tenants.Tenant(tenants.TenantManager, tenant_dict_2) tenant_unicode = tenants.Tenant(tenants.TenantManager, tenant_dict_3) TEST.tenants.add(tenant, disabled_tenant, tenant_unicode) TEST.tenant = tenant # Your "current" tenant tomorrow = datetime_safe.datetime.now() + timedelta(days=1) expiration = datetime_safe.datetime.isoformat(tomorrow) scoped_token = tokens.Token(tokens.TokenManager, dict(token={"id": "test_token_id", "expires": expiration, "tenant": tenant_dict, "tenants": [tenant_dict]}, user={"id": "test_user_id", "name": "test_user", "roles": [member_role_dict]}, serviceCatalog=TEST.service_catalog)) unscoped_token = tokens.Token(tokens.TokenManager, dict(token={"id": "test_token_id", "expires": expiration}, user={"id": "test_user_id", "name": "test_user", "roles": [member_role_dict]}, serviceCatalog=TEST.service_catalog)) TEST.tokens.add(scoped_token, unscoped_token) TEST.token = scoped_token # your "current" token. TEST.tokens.scoped_token = scoped_token TEST.tokens.unscoped_token = unscoped_token access_secret = ec2.EC2(ec2.CredentialsManager, {"access": "access", "secret": "secret"}) TEST.ec2.add(access_secret)
def data(TEST): TEST.service_catalog = SERVICE_CATALOG TEST.tokens = TestDataContainer() TEST.users = TestDataContainer() TEST.tenants = TestDataContainer() TEST.roles = TestDataContainer() TEST.ec2 = TestDataContainer() admin_role_dict = {'id': '1', 'name': 'admin'} admin_role = roles.Role(roles.RoleManager, admin_role_dict) member_role_dict = { 'id': "2", 'name': settings.OPENSTACK_KEYSTONE_DEFAULT_ROLE } member_role = roles.Role(roles.RoleManager, member_role_dict) TEST.roles.add(admin_role, member_role) TEST.roles.admin = admin_role TEST.roles.member = member_role user_dict = { 'id': "1", 'name': 'test_user', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'enabled': True } user = users.User(users.UserManager(None), user_dict) user_dict = { 'id': "2", 'name': 'user_two', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'enabled': True } user2 = users.User(users.UserManager(None), user_dict) user_dict = { 'id': "3", 'name': 'user_three', 'email': '*****@*****.**', 'password': '******', 'token': 'test_token', 'enabled': True } user3 = users.User(users.UserManager(None), user_dict) TEST.users.add(user, user2, user3) TEST.user = user # Your "current" user TEST.user.service_catalog = SERVICE_CATALOG tenant_dict = { 'id': "1", 'name': 'test_tenant', 'description': "a test tenant.", 'enabled': True } tenant_dict_2 = { 'id': "2", 'name': 'disabled_tenant', 'description': "a disabled test tenant.", 'enabled': False } tenant = tenants.Tenant(tenants.TenantManager, tenant_dict) disabled_tenant = tenants.Tenant(tenants.TenantManager, tenant_dict_2) TEST.tenants.add(tenant, disabled_tenant) TEST.tenant = tenant # Your "current" tenant tomorrow = datetime_safe.datetime.now() + timedelta(days=1) expiration = datetime_safe.datetime.isoformat(tomorrow) scoped_token = tokens.Token( tokens.TokenManager, dict(token={ "id": "test_token_id", "expires": expiration, "tenant": tenant_dict, "tenants": [tenant_dict] }, user={ "id": "test_user_id", "name": "test_user", "roles": [member_role_dict] }, serviceCatalog=TEST.service_catalog)) unscoped_token = tokens.Token( tokens.TokenManager, dict(token={ "id": "test_token_id", "expires": expiration }, user={ "id": "test_user_id", "name": "test_user", "roles": [member_role_dict] }, serviceCatalog=TEST.service_catalog)) TEST.tokens.add(scoped_token, unscoped_token) TEST.token = scoped_token # your "current" token. TEST.tokens.scoped_token = scoped_token TEST.tokens.unscoped_token = unscoped_token access_secret = ec2.EC2(ec2.CredentialsManager, { "access": "access", "secret": "secret" }) TEST.ec2.add(access_secret)